Nadim Kobeissi, developer of the secure chat client Cryptocat, claims that agents from the Canadian Security Intelligence Service may have installed a backdoor on his computer to monitor his activities, prompting him to migrate the service's network and reset its security keys. While Kobeissi pokes fun at the move — he writes that "having our network inside a Cold War nuclear bunker in Sweden would satisfy our need for the world to be as cartoon-like as possible" — he's not laughing about the alleged intrusion from government intelligence agents.
In light of my compromise, we have migrated Cryptocat’s network to a Swedish nuclear bunker, reset all keys, etc.: blog.crypto.cat/2013/02/crypto…— Nadim Kobeissi (@kaepora) February 10, 2013
Kobeissi says the discovery of alleged government tampering came after a couple of odd email exchanges in January with two individuals going by "PG" and "GB." At first they seemed to be soliciting his services for a website project, but when he declined "PG" allegedly claimed to be a Juror and a former correspondent for the French newspaper Le Monde with ties to the CSIS. After returning from a trip to New York City, Kobeissi says he found his SFTP client attempting to make a number of connections on its own, including hostnames that "appear to belong to the CSIS" and a software company that provides IT services for the Canadian court system.
"This may all be just one big prank, with me as the victim."
"These connections were all detected and prevented by my external firewall system," Kobeissi writes in a blog post. "I have documented the connections to the [greatest] extent possible. In anger, I called a close friend to complain about these connections. Shortly after my phone call, the connection requests stopped, even though they had been occurring for days."
Out of my 4 DHS interrogations in the past 3 weeks, it's the first time I'm asked about Cryptocat crypto and my passport is confiscated.— Nadim Kobeissi (@kaepora) June 6, 2012
Kobeissi started developing Cryptocat as a free tool to make secure communication more accessible, and has been the target of questioning by US customs on several occasions. Last June, Kobeissi claimed to have been detained and interrogated at the US-Canadian border. He says that he's routinely given the "SSSS" (Secondary Security Screening Selection) designation when traveling between the countries, which subjects him to special searches and questioning. There's no solid evidence that Canadian agents were involved in the alleged backdoor, and Kobeissi admits that it could be a prank — but he's not taking any chances.
T.C. Sottek contributed to this report